Vulnerabilities (CVE)

Filtered by CWE-427
Total 755 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-3667 1 Mcafee 1 Techcheck 2024-02-28 4.4 MEDIUM 7.8 HIGH
DLL Search Order Hijacking vulnerability in the Microsoft Windows client in McAfee Tech Check 3.0.0.17 and earlier allows local users to execute arbitrary code via the local folder placed there by an attacker.
CVE-2019-6858 1 Schneider-electric 1 Msx Configurator 2024-02-28 4.4 MEDIUM 7.8 HIGH
A CWE-427:Uncontrolled Search Path Element vulnerability exists in MSX Configurator (Software Version prior to V1.0.8.1), which could cause privilege escalation when injecting a malicious DLL.
CVE-2019-18575 1 Dell 1 Command\|configure 2024-02-28 6.6 MEDIUM 7.1 HIGH
Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system.
CVE-2019-18215 1 Comodo 1 Comodo Internet Security 2024-02-28 4.4 MEDIUM 7.8 HIGH
An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the binary signature validation logic is loaded, and might bypass some of the self-defense mechanisms.
CVE-2019-9491 2 Microsoft, Trendmicro 2 Windows, Anti-threat Toolkit 2024-02-28 5.1 MEDIUM 7.8 HIGH
Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed.
CVE-2019-7960 3 Adobe, Apple, Microsoft 3 Animate Cc, Macos, Windows 2024-02-28 4.4 MEDIUM 7.8 HIGH
Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
CVE-2019-20406 2 Atlassian, Microsoft 3 Confluence, Confluence Server, Windows 2024-02-28 4.4 MEDIUM 7.8 HIGH
The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a DLL file in a directory in the global path environmental variable variable to inject code & escalate their privileges via a DLL hijacking vulnerability.
CVE-2019-17665 1 Nsa 1 Ghidra 2024-02-28 4.4 MEDIUM 7.8 HIGH
NSA Ghidra before 9.0.2 is vulnerable to DLL hijacking because it loads jansi.dll from the current working directory.
CVE-2019-19689 2 Microsoft, Trendmicro 2 Windows, Housecall For Home Networks 2024-02-28 4.4 MEDIUM 7.8 HIGH
Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses.
CVE-2019-16001 2 Cisco, Microsoft 3 Webex Meetings, Webex Teams, Windows 2024-02-28 4.4 MEDIUM 5.3 MEDIUM
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of the resources loaded by the application at run time. An attacker could exploit this vulnerability by crafting a malicious DLL file and placing it in a specific location on the targeted system. The malicious DLL file would execute when the vulnerable application is launched. A successful exploit could allow the attacker to execute arbitrary code on the target machine with the privileges of another user account.
CVE-2019-19954 2 Microsoft, Signal 2 Windows, Signal-desktop 2024-02-28 6.9 MEDIUM 7.3 HIGH
Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file.
CVE-2016-5311 1 Symantec 9 Endpoint Protection, Endpoint Protection Cloud, Norton 360 and 6 more 2024-02-28 6.9 MEDIUM 7.8 HIGH
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.
CVE-2019-6333 1 Hp 1 Touchpoint Analytics 2024-02-28 7.2 HIGH 6.7 MEDIUM
A potential security vulnerability has been identified with certain versions of HP Touchpoint Analytics prior to version 4.1.4.2827. This vulnerability may allow a local attacker with administrative privileges to execute arbitrary code via an HP Touchpoint Analytics system service.
CVE-2019-14688 2 Microsoft, Trendmicro 9 Windows, Control Manager, Endpoint Sensor and 6 more 2024-02-28 5.1 MEDIUM 7.0 HIGH
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run.
CVE-2019-5695 2 Microsoft, Nvidia 3 Windows, Geforce Experience, Gpu Driver 2024-02-28 6.9 MEDIUM 6.5 MEDIUM
NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution.
CVE-2019-19235 2 Asus, Microsoft 2 Atk Package, Windows 10 2024-02-28 6.9 MEDIUM 7.0 HIGH
AsLdrSrv.exe in ASUS ATK Package before V1.0.0061 (for Windows 10 notebook PCs) could lead to unsigned code execution with no additional execution. The user must put an application at a particular path, with a particular file name.
CVE-2019-16407 1 Jetbrains 1 Resharper 2024-02-28 4.4 MEDIUM 7.3 HIGH
JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.
CVE-2019-17093 2 Avast, Avg 2 Antivirus, Anti-virus 2024-02-28 4.4 MEDIUM 7.8 HIGH
An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. A DLL Preloading vulnerability allows an attacker to implant %WINDIR%\system32\wbemcomn.dll, which is loaded into a protected-light process (PPL) and might bypass some of the self-defense mechanisms. This affects all components that use WMI, e.g., AVGSvc.exe 19.6.4546.0 and TuneupSmartScan.dll 19.1.884.0.
CVE-2019-3726 1 Dell 3 Client Platforms, Emc Servers, Update Package Framework 2024-02-28 6.2 MEDIUM 6.7 MEDIUM
An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package (DUP) Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell EMC Servers. Dell Update Package (DUP) Framework file versions prior to 3.8.3.67 used in Dell Client Platforms. The vulnerability is limited to the DUP framework during the time window when a DUP is being executed by an administrator. During this time window, a locally authenticated low privilege malicious user potentially could exploit this vulnerability by tricking an administrator into running a trusted binary, causing it to load a malicious DLL and allowing the attacker to execute arbitrary code on the victim system. The vulnerability does not affect the actual binary payload that the DUP delivers.
CVE-2019-6692 1 Fortinet 1 Forticlient 2024-02-28 4.4 MEDIUM 7.8 HIGH
A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL.